General

  • Target

    1add59b6f443a890be6a7cb7f18a469f6afce80eb9ede6b01ec611d1af0ab4a0N

  • Size

    808KB

  • Sample

    241107-nd8h5szrcz

  • MD5

    720aa3a9fb19dcfaea5e1fc6dc7e29d0

  • SHA1

    8d4181496e4b311bce865df507f49f12af19cf57

  • SHA256

    1add59b6f443a890be6a7cb7f18a469f6afce80eb9ede6b01ec611d1af0ab4a0

  • SHA512

    332b52aafc950c38e646b08d802a550a82a2bdd3ad926f586914f92e0285331dcd9a466209d074cb4b2e0479dfe6e5f824d031aad64194a4e16f6c9ac9cd9072

  • SSDEEP

    6144:Qv73ASqS4jjn8u20oHTgqnfs7l6VtoSMb:QADS4fQHTTiooSMb

Targets

    • Target

      1add59b6f443a890be6a7cb7f18a469f6afce80eb9ede6b01ec611d1af0ab4a0N

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
